Pete Finnigan's Oracle Security Forum (http://www.petefinnigan.com/forum/yabb/YaBB.cgi)
Oracle Security >> Oracle Security >> Instances and Schema merger
(Message started by: Pete Finnigan on Jun 15th, 2006, 10:58am)

Title: Instances and Schema merger
Post by Pete Finnigan on Jun 15th, 2006, 10:58am
I am doing a security review of a project in which they wish to merge two instances of oracle into one and two Oracle schema into one.  

I do not know from a security point what I should be sugesting so please help.


Title: Re: Instances and Schema merger
Post by Pete Finnigan on Jun 19th, 2006, 9:40pm
Hi,

Lots of thoughts come to mind. In cost terms it can make sense to combine databases into one.

There can be security issues though. If the database now supports two applications then if one were breached security wise the second could also be breached either completely or partly. If both applications contain differnt customer data (dont just think external customers) then at least some of the data for each should be protected from each group of users. If there are power users with reporting tools then maybe acess needs to be chnaged. There could be security issues fixed for one schema that maybe cannot be fixed for another. For example if one application needs to have access to certain views or tables that could cause security concerns the other application gets them as well... if proper segregation can be acheived between applications and its driven by cost, then  consider it.

cheers

Pete



Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright © 2000-2004 Yet another Bulletin Board